How can get user's email from onedrive API? - microsoft-graph-api

On the document, I just found I can get displayName from
/drive
But no email
If I want to use this API, can I only through Microsoft Graph?

This is available using the Microsoft Graph API , if your app has requested User.Read permissions.
You can make a request to get the signed in user's email:
GET https://graph.microsoft.com/v1.0/me/mail
Or you can make a request to get a particular user's email, based on a user ID:
GET https://graph.microsoft.com/v1.0/users/{userId}/mail
You can also use the createdByUser and lastModifiedByUser navigation properties on an item to retrieve the email address for the user who created/modified the file.
To call Microsoft Graph, you need to use the AAD OAuth v2 authorization / token end point. It's different than what you would have been using for OneDrive personal previously, but documented here: https://dev.onedrive.com/auth/graph_oauth.htm

Related

How do I get an object ID of a user, by display name, from Microsoft Graph API?

I am creating a Power App which is supposed to modify custom attributes on users on an Azure B2C tenant. However, the only way to update said users is by a Patch call referencing "https://graph.microsoft.com/v1.0/users/object-id" (which I am calling via a Power Automate flow). Since these are b2c users, their actual UPN does not match their email. I need to find a way to get this object ID beforehand so I can pass the appropriate patch call. Any tips? Thanks!
I tried using an Azure AD connector in Power Automate flow using the email of the user, but that is not their actual upn.
https://graph.microsoft.com/v1.0/users?$filter=displayName eq 'USER DISPLAY NAME'&$select=id
will return user id

How to get/set Azure AD B2C User MFA details via Microsoft Graph API

Using the Microsoft Graph API v 1.0, how can I retrieve the user's MFA details?
For example, if I have an email based sign-in/sign-up policy with phone/SMS MFA, how can I see the phone number entered by the user? (and also set update it)
I know if I select 'identities' in the GET /users method I can see the email they've signed up with, but not the phone number they set for MFA. (https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0)
Of course I'm looking for all the mfa settings: mfa phone number, mfa email address, is mfa set, etc.
Hopefully there is some kind of extension attribute that contains this that I can select, and set on creation, but I cannot find documentation on this.
[UPDATE]
In the Azure portal, I can see the entered data if I go to user > profile > authentication methods. So I tried accessing the authentication relationships on the user. but it didn't provide any details (all empty arrays) https://learn.microsoft.com/en-us/graph/api/resources/authentication?view=graph-rest-1.0
There's a write-up here.
e.g:
GET https://graph.microsoft.com/beta/users/objectID/authentication/methods

Graph Explorer newbie question: Forbidden - 403 when GETTING other user's email using a logged on UPN of an Exchange Admin

I have a question to ask about using Graph Explorer.
I logged onto Graph Explorer using my admin account which has the role of Exchange Administrator.
However, when I execute a query just to get another user's high importance email, it came back with forbidden.
The query is just a simple https://graph.microsoft.com/v1.0/users/john.doe#domain.au/messages?$filter=importance eq 'high'
I have already consented the permissions as you can see from the image below.
Can anyone be kind enough to point me in the right direction?
(Graph Explorer screen capture)
Thanks.
I guess that permission tab show the incorrect information. To access mail of another user you will need at least Mail.Read.Shared and Mail.ReadWrite.Shared permissions.
Probably due to security reason you will also need other permissions like User.Read.All
Mail.Read.Shared
Allows the app to read mail that the user can access, including the user's own and shared mail.
Mail.ReadWrite.Shared
Allows the app to create, read, update, and delete mail that the user has permission to access, including the user's own and shared mail. Does not include permission to send mail.
Resource:
Mail permissions

Read outlook mails through MS 365 graph client without login form

I have to read Outlook emails from an inbox in a Windows Console Application. I am trying to use MS Graph Client for the same. Problem is I don't want to login to generate access token. How should I go about generating access token without a login form ? I will appreciate any help.
I have tried the solution given in this article, but couldn't get it working as I didn't know redirectUrl and couldn't resolve some references for the given code.
Single user -> Use device code flow
If you want to access the mailbox of a single user: you can use the Device code flow documentation.
This flow allows you to display a code to the user, they go to the device login page and authorize your application. You also get a refresh token so this access can be used for a log time.
Any user in organization -> Use client credentials
If you want to access any mailbox of the entire organisation you can check out this answer and replace the required permission by Read mail in all mailboxes.

Getting Facebook Public Profile URLs

I'm building a feature in my web service to let people enter their Facebook URL into a field. Because few people know their FB user names or public profile URLs, I'd like to provide an interface to assist.
In brief: is there a way to get a list of matching users's public URLs by providing a name alone?
I have tried examining the Facebook Open Graph API; this appears to require knowing the user ID of the person, or the user ID.
I have tried using Mechanize and Nokogiri to automate the process, logging into Facebook as myself and accessing the search feature (http://facebooks.com/search/results.php?q=Person%20Name), but it's not returning any data when attempted this way. I suspect Facebook is using some kind of joojoo to keep me out that way.
Anyone have any suggestions?
With a valid access token, you should be able to query https://graph.facebook.com/me/ to get their ID, name, and public URL (Here's an example using the Graph API Explorer).
There's a search endpoint in the graph API, unfortunately it requires valid user access token.
https://graph.facebook.com/search?q=<name>&type=user&access_token=<user access token>
However it could be yours even, by getting a long living access token it would work for 60 at most, but it's probably a bad idea.
The type could be user, post, event, group, page.
Having done additional research, it appears to not be possible to get a user's public profile page without their permission. Hooray for Facebook privacy settings, I guess.
However, getting an access token is easier than I imagined it would be. Facebook offers an example on their site for getting user permission to access their account, implemented entirely on the client side. Nice and easy; the access token is returned in the URL.
The only downside here is you have to create an application on Facebook, at http://developers.facebook.com/apps. For my purposes, the "Website with Facebook Login" was the application type.
From that point, you can use that token to interrogate the Graph API with ease, as both Warpling and complex857 have suggested.

Resources